EPSS
Percentile
48.7%
Because of these vulnerabilities, the attackers can hijack the authentication of administrators for requests that insert cross-site scripting sequences, add or modify buttons.
Update the plugin.
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3491